Security Laboratory

Security Laboratory

Could Currency Be Destabilized?

John C. A. Bambenek and Stephen Northcutt
Version 1.2

Summary:Growing evidence indicates a variety of attacks could cause significant economic harm to a target, an attack specifically designed to destabilize a currency might now be possible especially if sponsored by a party with significant economic power (i.e., a major country) or executed with precise timing during a high stress period on the economy.

Internet-based Electronic Warfare

Traditional economic warfare seeks to disrupt the flow of commerce in a nation or reduce the confidence or willingness of participants to engage in economic activity. In the Internet world, the main tools are denials of service, identity (or information) theft, or fraud.

Paul Kanjorski, the chairman of the House financial services subcommittee, went on C-Span January 27, 2009 and said that $550 billion was withdrawn from money-market accounts on September 15, 2008 in the space of "an hour or two", that Treasury "closed down the money accounts", and that if they hadn't done so, "by 2 PM that afternoon $5.5-trillion would have been withdrawn". The speech is documented on Youtube (hang tough till you get past the panicked lady.)[1] Kanjorski further said, if the Treasury had not responded by guaranteeing $250,000 per account the entire economy of the United States would have collapsed, followed by the rest of the world in 24 hours. If you are interested in learning more what actually did happen that week, I suggest Felix Salmon's blog posting.[2]

You may not have heard about this on mainstream media, because it does not appear to be based on solid sources, though it would make an excellent novel. However, there are chinks in the US Treasury: in a Moody's Triple A bond rating, the US and the UK were put in a class above that of Spain and Ireland, but below Germany, France, Canada and the four Scandinavian countries.[3] In 2008, Worldnet Daily reported, ""We decided to raise the flag," Tom Lemmon at Moody's told WND, "because the underlying credit rating of the U.S. government faces the risk of downgrading in the next 10 years if solutions are not found to our growing Medicare and Social Security unfunded obligations." In May 2009 Standard & Poor released a warning over Britian's credit rating, though they did not actually downgrade.

Economics of Currency Trading

The valuation of currency, at least in economies using "fiat" money, is based on the perception of that currency's general worth. This perception is based on several factors, the strength of the government's economy behind that currency, the willingness of governments to invest in that economy, and general geopolitical factors. For instance, the perception that the United States is overextended with its trade and budget deficits adversely affects the valuation of the dollar.

Those who buy and sell currency each day, currency traders, are considered a savvy bunch. Because the information they rely on to make decisions crosses international boundaries into countries which may or may not necessarily be open with information, they have to rely on both conventional and unconventional information sources. In order to have a successful impact on a currency's value, one would need to successfully change the perception of a bulk of these currency traders.

Likelihood of Success

There are plenty of analogous examples that short-term influences can be made on valuations of stocks and such. For instance, several companies have been subject to false press releases that had dramatic effects on their stock prices. In those cases, the perpetrator was caught quickly and the stock resumed its previous value. People were able to make money trading options on that stock, but the long-term fundamental value of the company remained unchanged once people discovered the fraud.

This would be likely true for the case of currency.Currency traders, a savvy bunch, might be able to be duped into believing false information that could cause a run on the currency. But likely value shoppers would find the scam and buy low when people rushed back in after the fraud was discovered. In the cases of manipulation of stock prices, the fraud was discovered in days, if not hours.If a similar fraud were attempted on a currency, the full weight of that nation's government would be levied to fix the problem quickly.

In order to have an impact on an economy the assets involved would have to be significant. For instance, the United States had a Gross Domestic Product (GDP) in 2008 of US$14.3 trillion.[4] Even launching an attack with $100 million would be like trying to bankrupt a major international corporation by running out the door with a fistful of nickels from petty cash.

One successful attempt at currency manipulation (or savvy investment, depending on your opinion on the matter) was Black Wednesday in 1992. George Soros bet 10 billion pounds against the Bank of England and broke the currency.[4] In that case, England's currency was already having problems and Soros was the "straw the broke the camel's back". At that time, he used an amount of money roughly equal to 1.5% of Britain's GDP. With significant investment of resources, a currency "on the brink" can be successfully attacked.

Concerns from Asia

Dr. Manzur Ejaz blogs about "Recent currency destabilization in the East Asian countries (Thailand, Philippine and Malaysia) by international speculators was a preamble to an unfolding of a broader picture." And a PBS interview with Dr. Mahathir bin Mohamad descibes the havoc he has had to deal with concerning the Malaysian currency. "In the old days you needed to conquer a country with military force, and then you could control that country. Today it's not necessary at all. You can destabilize a country, make it poor, and then make it request help. And [in exchange] for the help that is given, you gain control over the policies of the country, and when you gain control over the policies of a country, effectively you have colonized that country."

Summary

In order to have anything but a short-lived and transitory effect on the value of a currency, it would take a significant amount of assets and other factors that have already placed the currency in a weakened state. With the combined weight of a government who has a vested interest in correct deception and savvy investors who would quickly discovery it, perception based electronic attacks would not be likely to succeed.

It is possible that a large-scale denial of service attack could disrupt an economy enough to eventually lead to currency devaluation; however, the scale would have to be many orders of magnitude larger than has yet been seen. September 11th has shown that the American economy can sustain several days of suspended economic activity and few denial of service attacks have been able to be maintained for that long.

In short, without the full backing and commitment of another nation, a significant investment of resources, and a willingness to be identified (at least the nation) as being behind the attack, direct long-term currency manipulation is not likely. If anyone can disrupt the US economy, it is China, they hold something on the order of $2 Trillion dollars in US debt, they would have to take a loss to do so, the impact on the Yuan which has been tied to the dollar for a very long time can not be calculated.[6]

John Bambenek is an academic professional at the University of Illinois at Urbana-Champaign and a handler for the Internet Storm Center.

Featured Student/Alumni

Russell Eubanks

Russell Eubanks leads the Security Architecture, Risk and Compliance teams at Cox Communications. He has developed information security programs from the ground up and actively seeks opportunities to measurably increase their overall security posture. Read More

Contact Us

After starting the program, I was promoted to Information Security Officer. I believe my involvement in the program was a contributing factor in that happening. - John Brozycki, Alumni of SANS Technology Institute

SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community. - Rob VandenBrink, Alumni of SANS Technology Institute